Bug #19820: Use TYPO3 encryption key in initial state of random byte generation - TYPO3 Core - TYPO3 Forge

Actions

Copy link

Bug #19820

closed

Use TYPO3 encryption key in initial state of random byte generation

Added by Marcus Krause almost 16 years ago. Updated almost 15 years ago.

Status:

Closed

Priority:

Should have

Assignee:

Marcus Krause

Category:

Target version:

Start date:

2009-01-14

Due date:

% Done:

Estimated time:

TYPO3 Version:

4.3

PHP Version:

5.2

Tags:

Complexity:

Is Regression:

Sprint Focus:

Description

Function t3lib_div::generateRandomBytes() (fallback for OS windows) could be improved when using TYPO3's encryption key to create a (more unpredictable) initial state.

Besides due to md5()'s shorter length in contrary to sha1(), we should use md5() to get as much timestamps as possible in the resulting byte stream.

(issue imported from #M10131)

Files

10131.diff (1.07 KB) 10131.diff

Administrator Admin, 2009-01-14 11:58

Actions

Copy link

Updated by Michael Stucki over 15 years ago

The bug was fixed already in TYPO3 4.2.4, but the code was missing in Trunk. This has been committed now.

Actions

Copy link

Also available in: Atom PDF

Project

General

Profile

TYPO3 Core

Custom queries

Watchers (1)

Bug #19820

Use TYPO3 encryption key in initial state of random byte generation

Updated by Michael Stucki over 15 years ago